Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
Fraudsters compromised debit card numbers and associated PINs, and possibly names and addresses, of an undisclosed number of Bank of the West customers. Unknown thieves installed skimmers in a "small number of ATMs," the bank's COO, Karl Werwath, tells ISMG.
Threat actors are using deepfakes to apply for remote employment at U.S. tech companies in a bid to gain access to corporate financial and customer data, internal databases and proprietary information. Fraudsters used stolen PII to make deepfake videos for personal interviews, says the FBI.
Ukraine says it has thwarted multiple Russian misinformation campaigns, including blocking attempts to penetrate the electronic systems of its TV channels on the eve of its Constitution Day holiday. It also flagged social media accounts spreading fake videos.
"I'm concerned that at some point the Russians are going to launch cyber retaliatory attacks against the United States at election infrastructure and the transportation, financial and energy sectors," says Elvis Chan, supervisory special agent at the San Francisco Division of the FBI.
Chris Borales, senior product marketing manager for ThreatINSIGHT and security solutions at Gigamon, and Tony Morbin of Information Security Media Group discuss the findings of a recent survey of cybersecurity professionals about emerging security trends in 2022, conducted for Gigamon by ISMG.
The apps your dev teams are building have changed, your security tools should too. Digital transformation, omnichannel marketing and directly connecting with customers among other key business imperatives have accelerated application development cycles. Development teams have widely adopted agile development practices...
Ransomware-as-a-service gang LockBit has set up a bug bounty program for its malware and for exploitable vulnerabilities it could use to further criminal activities. Whether the program will go as planned is an open question. The gang is offering $1,000 to $1 million in remuneration.
Unlocking the data generated by ransomware attacks is helping organizations better understand the risks, adopt defensive technologies and prepare for future attacks, says Wade Baker, partner at Cyentia Institute. He discusses new data on how quickly organizations are remediating vulnerabilities.
Four ISMG editors discuss important cybersecurity issues, including how Canada's Desjardins Group settled a data breach lawsuit for $155 million, how Facebook is being sued after allegedly violating patient privacy, and highlights from ISMG's Northeast Summit held in New York this week.
Effective security and risk programs require not just domain mastery but making security accessible to boards of directors and senior officers, says Karin Höne, the group chief information security and risk officer of South Africa-based multinational Barloworld.
Blockchain company Harmony has offered a $1 million bounty to hackers who stole $100 million worth of Ethereum tokens. It says it won’t push for criminal charges if the funds are returned. The exploit did not affect the trustless Bitcoin - BTC - bridge, the company says in its tweet thread.
A malware incident involving exfiltration of data has affected more than 1.24 million patients of Texas-based Baptist Medical Center and Resolute Health Hospital. It adds to a growing list of major health data breaches reported to regulators in recent weeks as affecting millions of individuals.
Lithuania's National Cyber Security Center has warned of increasing DDoS attacks directed against the nation's public authorities and its transport and financial sectors following Lithuania blocking road and rail supplies to the Russian enclave of Kaliningrad.
Ransomware group AvosLocker made use of unpatched VMWare Horizon applications to hack into an unidentified organization’s systems, says analysis from Cisco Talos. The race between systems administrators working to patch the Log4j vulnerability and hackers trying to exploit it is ongoing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.